Hi Am 30.06.2010 06:11, schrieb Xiaoshuo Wu: > On Tue, 29 Jun 2010 20:03:36 +0800, Josef Windorfer > <josef.windor...@stud.fh-deggendorf.de> wrote: > >>> In this case, the MAC is generated by the key "trans_code_ftcos_pk_01c", >>> and the iv(card generated random number). > The iv is different each time.
Yes, and the 4 byte response is also different each time. > >> With source code and log I found out that the mechanism for the mac is >> cbc-des. Can someone tell me which hash function is used? > I think you can treat the EVP_* functions combination in > entersafe_mac_apdu() as a hash function. Yes, that are functions from the openssl project. I think the main function is EVP_EncryptUpdate. What I want to know is which hash algorithm is used? (e.g. sha1, md5, ...) >> I want to check the mac and all my tries failed. > To get the right mac, you need get the same iv as the card have. > The checking is done in card, because the iv is generate in card, and > the key is stored in card, the card can recalculate the MAC Yes, thats the mind of the challenge/response. The card sends a random number (each time another number) and the computer calculate the mac and send this back to the card. The card can verify the response with the same (symmetric) key and the same hash algorithm. Thanks Josef _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
